bisecting fixing commit since 080b6f40763565f65ebb9540219c71ce885cf568
building syzkaller on a6e3ac3bf259067ffd6e50fe8e4a158f097c1da5
testing commit 080b6f40763565f65ebb9540219c71ce885cf568 with gcc (GCC) 8.1.0
kernel signature: efe6185d00263298267b0fb52ac71dd99e1711bc8c93a744f5ffb0bf795ec6a7
run #0: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3
run #2: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #3: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #4: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #5: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #6: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #7: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3
run #8: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
run #9: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
testing current HEAD e23a8d00219818ba74f97f6a4cbe071dbbd5b5f1
testing commit e23a8d00219818ba74f97f6a4cbe071dbbd5b5f1 with gcc (GCC) 8.1.0
kernel signature: 82131b466f492c7e62e0950aa9ba0da5017ebbd34f73c12a30184f26e2d774a6
all runs: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch
revisions tested: 2, total time: 15m43.32458846s (build: 9m13.841208991s, test: 6m0.064874014s)
the crash still happens on HEAD
commit msg: Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
crash: BUG: unable to handle kernel paging request in __traceiter_sched_switch
BUG: unable to handle page fault for address: ffffffffa0052a44
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 4e8b067 P4D 4e8b067 PUD 4e8c063 PMD 100d1a067 PTE 0
Oops: 0010 [#1] PREEMPT SMP
CPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.11.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: 0x0 (events)
RIP: 0010:0xffffffffa0052a44
Code: Unable to access opcode bytes at RIP 0xffffffffa0052a1a.
RSP: 0018:ffffc90000c8fde8 EFLAGS: 00010046
RAX: 0000000000000002 RBX: ffffc90000dc7000 RCX: e758fcd3395bfad4
RDX: ffffffff81301850 RSI: ffffc90000dc7038 RDI: ffffc90000c8fdf8
RBP: ffffc90000c8fe28 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff888105fd0000
R13: ffff888100bd1980 R14: 0000000000000000 R15: ffff888100bd2020
FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffa0052a1a CR3: 000000011f8eb000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
__traceiter_sched_switch+0x2c/0x40 include/trace/events/sched.h:222
trace_sched_switch include/trace/events/sched.h:222 [inline]
__schedule+0x4b6/0x9b0 kernel/sched/core.c:5061
schedule+0x38/0xe0 kernel/sched/core.c:5143
worker_thread+0xc2/0x380 kernel/workqueue.c:2442
kthread+0x144/0x170 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Modules linked in:
CR2: ffffffffa0052a44
---[ end trace 29950720a4e0fd94 ]---
RIP: 0010:0xffffffffa0052a44
Code: Unable to access opcode bytes at RIP 0xffffffffa0052a1a.
RSP: 0018:ffffc90000c8fde8 EFLAGS: 00010046
RAX: 0000000000000002 RBX: ffffc90000dc7000 RCX: e758fcd3395bfad4
RDX: ffffffff81301850 RSI: ffffc90000dc7038 RDI: ffffc90000c8fdf8
RBP: ffffc90000c8fe28 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff888105fd0000
R13: ffff888100bd1980 R14: 0000000000000000 R15: ffff888100bd2020
FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffa0052a1a CR3: 000000011f8eb000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400